Identosphere 66 • Transatlantic Interop • ENISA Reports on Digital ID • Capability-based Data Security Ceramic
A weekly digest of upcoming events, company news, organizational updates, development in open standards and the latest headlines in self sovereign identity.
Thanks to Patrons like you.
…or reach out to Kaliya, and she can send you an invoice
if you have a “budget” as part of your employment spend some of it on us we can send you an invoice ; )
Read previous issues and Subscribe : newsletter.identosphere.net
Content Submissions: newsletter [at] identosphere [dot] net
Identity and Security Meetup Sydney (video) (Auth0 sponsored) Next meeting 1/25
Ally Haire talks about identity using blockchain, and Vandana Verma tells us how to stay secure with third-party dependencies!
Data Space Launchpad MyData • Until 2/22
Decentralized Autonomous Organizations to revolutionize the way we work? Alex Puig • Caelum Labs 2/24
Class on Digital Identity starting up at University of South Florida
Students examine identity in a digital world. Topics covered include identifying digital identity, managing digital identities, examining marginalized digital identities, and the governing of digital identities. This is primarily a project-based course.
Transatlantic SSI Interop Markus Sabadello
The "Transatlantic SSI Interop" experiment was successfully conducted to demonstrate interoperability between the EU EBSI Diploma use case, and the US SVIP Permanent Resident Card use case. This was jointly planned and executed by EU partner Danube Tech and US partner Digital Bazaar.
SSI Interop Video NGIatlantic.eu
Results from an interoperability project in the are of Decentralized Identity, conducted by EU company Danube Tech and US company Digital Bazaar.
The ideal candidate is a self-motivated, multi-tasker, and demonstrated team-player. You will be a lead developer responsible for the development of new React Native mobile (iOS and Android) apps in the Decentralized Identity industry. You should excel in working with large-scale applications and frameworks autonomously. As you’ll work remotely you must have outstanding communication and leadership skills.
The @Avast Identity team has several openings in Product Management, Program Management, Engineering, and DevOps.
Merit grabs $50M Series B to expand digital credentials platform TechCrunch ←its not SSI though
The company spent the last five years working with various governments to build connectors to these licensing databases to allow third parties to access the data and have it update automatically. So if you are a plumbing company, you can display your employees’ plumbing credentials on the company website and have them update automatically when the license is renewed (or show that it wasn’t).
We don’t know what this is… is it DIDComm? if not what is it?
The project SSIComms adds SSI to internet communications by adding SSI wallets to the renowned SYLK Suite, an award winning ensemble of communications solutions with the SIP protocol at its core. This enables users to respond to presentation requests for credentials entirely voluntarily and according to SSI principles during communications sessions.
Custodial vs Non-custodial Wallets Affinidi
The biggest disadvantage of non-custodial wallets is their inaccessibility when you lose or forget the password. Since you are the sole custodian, there is a huge responsibility on you to always remember the password of your wallet.
A short timeline highlights just how quickly SSI has developed. It underlines the path and development of the evolution of Internet Identity.
We’ve been hard at work writing use cases, helping education standards organizations understand and align with VCs, and we’ve been heading towards a model recommendation doc for the community.
A credential is called a verifiable credential when its authenticity can be cryptographically checked by anyone because the credential contains a cryptographic signature by the issuer, and the issuer's public key is well known.
Your Thrivacy wallet allows you to request all your important, personal information that can be used to identify who you are to be created into what we call verified credentials. Then those same verified credentials or VCs can be downloaded and stored in your own personal wallet that is kept inside your cell phone.
SSI Meme of the week SSI By Memes
The 3Box Labs team recently published a new standard for creating capability containers for accessing decentralized data to the Chain Agnostic Standards Alliance. Capability containers are an approach for managing advanced data security and permissions, commonly referred to as “Object Capabilities” or “OCAPs.”
This new standard is currently in development for use on Ceramic. Once deployed in a future version of the protocol, it will allow Ceramic to be fully compatible with the new Sign-in with Ethereum (SIWE) specification as well as provide advanced data flow control features for resources stored on the Ceramic network.
The SSI Kit Walt ID
Introducing the SSI Kit, which offers developers and organisations an easy and fast way to use Self-Sovereign Identity (SSI).
The Journey of an SSI Developer Affinidi
This is a story of a politician who cried “hacker” after a reporter informed a state agency that sensitive information was embedded in their website’s HTML source code.
Backchannel: A relationship-based digital identity system Ink and Switch
Using Backchannel as a model example, we propose four design principles for trusted digital relationships. Then we used Backchannel to design and build three sample apps: chat, location sharing, and document preview. We also tested these designs with journalists, researchers, and designers. Based on this testing, we outline common user experience challenges and recommended solutions.
Lissi Connect Demo <- in German
The login is only the start of the mutual customer relationship users do not want to monitor and maintain dozens of communication interfaces, but prefer a solution that brings these aspects together […] The media break and the fragmentation of the current systems poses a major challenge for users and organizations. However, once stored in the user's wallet, this information can be easily managed, sorted and presented as needed.
Liquid Avatar and Ontario Convenience Stores Association (OSCA) Successful Pilot of Digital Age-Verification to Reach 8000+ Retail Locations
The Smart Age program provides digital age verification, supported with biometric authentication for restricted product sales like lottery tickets, tobacco, alcohol and other goods and services through a mobile device using verifiable digital credentials and biometrics without a user divulging any personally identifiable information to the store clerk.
ENISA Reports on Digital ID
Digital identification is the focus of two new reports by the European Union Agency for Cybersecurity (ENISA): an analysis of self-sovereign identity (SSI) and a study of major face presentation attacks.
This report explores the potential of self-sovereign identity (SSI) technologies to ensure secure electronic identification and authentication to access cross-border online services offered by Member States under the eIDAS Regulation. It critically assesses the current literature and reports on the current technological landscape of SSI and existing eID solutions, as well as the standards, communities, and pilot projects that are presently developing in support of these solutions.
Most of Hyperledger Indy’s development occurred prior to the completion of the standard DID Specification by the W3C and, as a result, identifiers written to one network are currently not resolvable on other networks. A new did:indy DID Method will fix that and make it easier for decentralized identity products and services to interoperate across different Indy networks.
The official voting period will be between Tuesday, February 1, 2022 and Tuesday, February 8, 2022, following the 45-day review of the specifications.
TheirCharts Doc Searls
If you’re getting health care in the U.S., chances are your providers are now trying to give you a better patient experience through a website called MyChart.
This is supposed to be yours, as the first person singular pronoun My implies. Problem is, it’s TheirChart.
Spherity is Partnering with Legisym Offering Joint Compliance Product for the U.S. Life Sciences Marke Spherity
With the successful completion of the ATP Credentialing Pilot in 2020 and the joint founding of the Open Credentialing Initiative in early 2021, the Spherity-Legisym partnership is already proving successful in collaboration and forward thinking.
are we building for these use-cases?
These vending machines sell internet access five minutes at a time: For many Filipinos, coins are the currency of the internet RestofWorld
Gatekeeping of internet access is a fact of life in the Philippines, where the market is shaped by the telecommunications duopoly. President Rodrigo Duterte threatened to seize the telco giants, Globe and PLDT, if they didn’t improve their service by the end of 2020. Like much of his bluster, though, the threat has failed to have an effect.
Web3, Coherence, and Platform Sovereignty Phil Windley
In The crypto-communists behind the Web3 revolution, Benjamin Pimentel argues that "The future of decentralized finance echoes a decidedly Marxist vision of the future." He references various Silicon Valley icons like Jack Dorsey, Marc Andreessen, Elon Musk, and others, comparing their statements on Web3 and crypto with the ideology of communism.
Why do you care about identity? Phil Wolff
I love that it’s more than a technical discussion. It’s laws. Sociology. Politics and civics. Commerce. Psychology. Ethics. History. Economy. All the humanities.
Identity touches everything. It always will. Computation and communication continue their pervasion, and identity spreads with them.
oldie but goodie
Hank explores different ways of understanding identity – including the Indiscernibility of Identicals, and essential and accidental properties. In what ways does affect identity? In what ways does it not? What does it mean for a thing to persist over time?
Identity not SSI
This article shows how to implement FIDO2 passwordless authentication with Azure AD for users in an Azure tenant.
What is Knowledge-based Authentication (KBA)? Ping Identity
Answering security questions based on personal information when you log in to an app or system is called knowledge-based authentication (KBA).
Another Swiss company is promoting SSI
After rejection of the e-ID Act in March 2021, the Swiss Federal government is working at full speed on a new proposal. The first results were published in a discussion paper on September 2. Self-Sovereign Identity (SSI) is one of three possible solutions proposed for the implementation of the future e-ID.
The Wallet Walt.id
This post introduces our new open source product: the Wallet, which enables developers and organisations to put Self-Sovereign Identity (SSI) into the hands and pockets of the people via easy-to-use applications.
IdRamp CEO Mike Vesey: Pink Locker Rooms School of Cyber Hard Knocks
Passwords and zero-trust and pink locker rooms, oh my! In this episode, Mike discusses IdRamp, what self-sovereign identity is, why we still have passwords today, zero-trust, what the near future holds, pink locker rooms!, his path to IdRamp, and as always, his toughest lesson learned.